BIS designates Huawei Technologies Co., Ltd. and certain of its affiliates to the Entity List, restricting their ability to receive US products, software, and technology.

On May 16, 2019, the US Commerce Department’s Bureau of Industry and Security (BIS), which administers and enforces the Export Administration Regulations (EAR), added Huawei Technologies Co.,Ltd. (Huawei) and 68 of its affiliates to the BIS Entity List. This action, which was published in the Federal Register on May 21, restricts the ability of the designated Huawei parties to receive US-regulated products, software, and technology (collectively, “items”). BIS has issued a temporary general license, published in the Federal Register on May 22, allowing certain limited categories of exports, reexports, and in-country transfers to the designated Huawei parties to continue for a period of 90 days.

According to a Commerce Department press release, the designation of Huawei and certain of its affiliates was based on a finding that Huawei’s activities are contrary to US national security or foreign policy interests. This action comes on the heels of an Executive Order issued on May 15 by President Trump that could portend further measures against Huawei or other non-US telecommunications companies.

A discussion of five key questions concerning these developments follows:

1. Which Huawei entities are covered?

BIS added Huawei and 68 of its non-US affiliates in the following locations to the Entity List: Belgium,Bolivia, Brazil, Burma, Canada, Chile, China, Egypt, Germany, Hong Kong, Jamaica, Japan, Jordan,Lebanon, Madagascar, the Netherlands, Oman, Pakistan, Paraguay, Qatar, Singapore, Sri Lanka, Switzerland, Taiwan, the United Kingdom, and Vietnam. The full list of entities is published in the Federal Register.

These new restrictions do not automatically extend to unnamed affiliates of designated entities that are not themselves on the Entity List. However, a BIS FAQ encourages parties that “export, reexport, or transfer items subject to the EAR with knowledge that the items are destined to a subsidiary, sister, parent, or other affiliate of a listed entity ... to take extra due diligence steps to ensure that (i) the items are not ultimately destined for the listed entity and (ii) the affiliate is a separate legal entity (as opposed to a branch or operating division of the listed entity).” Another BIS FAQ confirms that the restrictions extend to all branches and operating divisions of those entities.

2. What activities are restricted?

As a result of the Entity List designations, no person (US or non-US) may export, reexport, or transfer incountry any items regulated under the EAR to the designated Huawei parties, absent authorization from BIS. EAR regulated items (or items “subject to the EAR”) include all items in the United States, all USorigin items (wherever located) and certain foreign-made items that contain more than a de minimis amount of controlled US-origin content. Importantly, these export and transfer restrictions apply even to “low tech” items classified as EAR99 (the least-restrictive export classification under the EAR). License applications to BIS will be subject to a “presumption of denial” — meaning, as a practical matter, that no licenses are likely to be issued.

These export and transfer restrictions do not prevent US persons (or non-US persons) from all categories of transactions with the designated Huawei entities. To the contrary, a BIS FAQ confirms that US companies can deal with parties on the Entity List, as long as the dealings do not involve the export, reexport, or in-country transfer of EAR-controlled items. However, an FAQ explains that transactions with listed entities carry a “red flag” and underscores the importance of confirming that items received from an Entity List company have not been obtained in violation of the EAR.

3. Are there any exceptions?

There are certain exceptions that provide limited and temporary relief from the new restrictions.

First, the new rules exempt certain shipments that were already en route to a designated Huawei party at time of the designations (i.e., on May 16, 2019).

Second, on May 20, BIS issued a temporary general license (TGL) that partially restores, for a period of 90 days (from May 20 until August 19), EAR licensing requirements and policies that were in place before the designation of Huawei and its affiliates. The TGL authorizes the export, reexport, and in-country transfer of EAR-regulated items to a designated Huawei party if such transfers would have been authorized before the designation of the relevant Huawei party (i.e., under an EAR license exception or because no EAR license was required) and the transaction falls into one of the following categories:

  • Continued Operation of Existing Networks and Equipment. The transaction is “necessary to maintain and support existing and currently fully operational networks and equipment, including software updates and patches, subject to legally binding contracts and agreements executed between” the relevant parties on or before May 16, 2019.
  • Support to Existing Handsets. The transaction is “necessary to provide service and support, including software updates or patches, to existing Huawei handsets that were available to the public on or before May 16, 2019.”
  • Cybersecurity Research and Vulnerability Disclosure. The transaction involves the disclosure to a designated Huawei party of information regarding “security vulnerabilities” in an item “owned, possessed, or controlled” by the designated Huawei party, provided the information is “related to the process of providing ongoing security research critical to maintaining the integrity and reliability of existing and currently fully operational networks and equipment, as well as handsets.”
  • Engagement as Necessary for Development of 5G Standards by a Duly Recognized Standards Body. The transaction qualifies “as necessary for the development of 5G standards as part of a duly recognized international standards body,” such as the Institute of Electrical and Electronics Engineers, Internet Engineering Task Force, or International Organization for Standards.

Prior to any export, reexport, or transfer under the TGL, shippers must create a written certification statement that the transaction meets the terms of the TGL. This certification statement must be kept for recordkeeping purposes for five years.

BIS possibly will issue additional authorizations designed to mitigate the impact of the new rule. Potential limiting measures might include, for example, broader or extended “grandfathering” for existing commercial obligations and/or favorable export licensing policies for certain categories of transactions. 

4. Are purchases of products or services from Huawei restricted? 

As noted above, a BIS FAQ suggests that purchases from companies on the Entity List warrant additional scrutiny, primarily to confirm that items being received have not been acquired by the Entity List company in violation of the EAR. Specifically, EAR provision General Prohibition 10 prohibits persons (both US and non-US) from buying, selling, transferring, ordering, using, transporting, or servicing “any item subject to the EAR and exported or to be exported with knowledge that a violation of the [EAR] ... has occurred.” Depending on the facts, a person that procures an EAR-controlled item from Huawei that Huawei received in violation of the EAR would risk violating this prohibition. 

5. What is the impact and significance of the May 15 Executive Order?

The Entity List designations were not the only actions through which the Trump Administration took aim at the telecommunications industry. On May 15, the White House issued an Executive Order entitled “Securing the Information and Communications Technology and Services Supply Chain” (EO). The EO declared “a national emergency” arising from the use or acquisition of information and communications technology and services (ICT) supplied by those working for or under the direction or influence of foreign adversaries. 

The EO prohibits the “acquisition, importation, transfer, installation, dealing in, or use of information and communications technology or service (Transaction)” if such Transaction involves ICT designed, developed, manufactured, or supplied by a person owned or controlled by, or subject to the jurisdiction or direction of, a foreign adversary, if the Secretary of Commerce — following consultation with the heads of specified departments and agencies — determines if any of the following apply to the Transaction:

  • Poses an undue risk of sabotage to or subversion of the design, integrity, manufacturing, production, distribution, installation, operation or maintenance of ICT in the United States  
  • Poses an undue risk of catastrophic effects on the security or resiliency of critical infrastructure or the digital economy of the United States
  • Otherwise poses an unacceptable risk to the national security of the United States or the security and safety of US persons  

The EO does not itself impose such restrictions pending those determinations. It furthermore directs the Secretary of Commerce, in consultation with the Secretary of State, Secretary of Treasury, Secretary of Defense, Attorney General, and heads of other agencies, to publish implementing “rules or regulations” within 150 days. The EO also allows for exceptions to any prohibitions issued under the order.

This EO borrows concepts from the statutory framework of the Committee on Foreign Investment in the United States (CFIUS) review process. It charges the Secretary of Commerce to act, in consultation with other economic and defense agencies, to address national security risks arising from transactions in which a foreign person or entity has an interest. The EO also permits the Secretary of Commerce to “design or negotiate measures to mitigate” any identified concerns, and directs the Secretary of Commerce, in consultation with the Secretary of State, to submit reports to Congress in connection with actions taken under the EO.